Ho fatto tutte le scansioni e Antimalwer non ha rilevato niente, adw cleaner ho sbagliato qualcosa e non sono riuscito a mandartelo, Junkware aveva solo una voce che diceva di aver eliminato eusin g free register (che ho sempre avuto) e OTL non sono stato capace di postarlo col programma indicsto e l'unica cosa e' questo copia incolla, se puo' andare bene. Mi scuso ma meglio di cosi' non ho potuto.
OTL logfile created on: 27/07/2014 18.36.34 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Defazio\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1014,36 Mb Total Physical Memory | 293,71 Mb Available Physical Memory | 28,96% Memory free
2,38 Gb Paging File | 1,78 Gb Available in Paging File | 74,85% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 119,16 Gb Total Space | 88,32 Gb Free Space | 74,12% Space Free | Partition Type: NTFS
Drive E: | 29,89 Gb Total Space | 27,20 Gb Free Space | 91,00% Space Free | Partition Type: NTFS
Computer Name: GIUSEPPE | User Name: Peppino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\xxxxxx\Documenti\Download\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\xxxxxxx\Impostazioni locali\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\PLFSetL.exe (sonix)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\PLFSetI.exe ()
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
========== Modules (No Company Name) ========== MOD - C:\Programmi\AVAST Software\Avast\defs\14072700\algo.dll ()
MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programmi\AVAST Software\Avast\libcef.dll ()
MOD - C:\Programmi\AVAST Software\Avast\aswProperty.dll ()
MOD - C:\Programmi\File comuni\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programmi\File comuni\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\system32\ssp7ml3.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\PLFSetI.exe ()
========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (BBSvc) -- C:\Programmi\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found
DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (DgiVecp) -- C:\WINDOWS\system32\Drivers\DgiVecp.sys File not found
DRV - (Changer) -- File not found
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswsp.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswsnx.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswrdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswHwid) -- C:\WINDOWS\system32\drivers\aswHwid.sys ()
DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corp.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (winbondhidcir) -- C:\WINDOWS\system32\drivers\winbondhidcir.sys (Winbond Electronics Corporation)
DRV - (hidshim) -- C:\WINDOWS\system32\drivers\hidshim.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (risdptsk) -- C:\WINDOWS\system32\drivers\risdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7C4BD5C5-D77C-470D-8B52-B0A0449EA0D4}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" =
https://it.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.comIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
https://it.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
https://it.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://it.msn.com/?ocid=iehpIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 A5 2D 3A 64 FB CB 01 [binary data]
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes\{7C4BD5C5-D77C-470D-8B52-B0A0449EA0D4}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLR_itIT576
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" =
https://it.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes\{ACB5CC93-A74D-4A17-82D8-6DC05D42740B}: "URL" =
http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..keyword.URL: "http://it.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=114576&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programmi\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Programmi\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programmi\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programmi\AVAST Software\Avast\WebRep\FF [2014/07/08 09.59.07 | 000,000,000 | ---D | M]
[2013/03/22 20.13.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xx\Dati applicazioni\Mozilla\Extensions
[2014/04/07 11.18.58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xxDati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\extensions
[2014/02/22 20.17.33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\x\Dati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\extensions\ascsurfingprotection@iobit.com
[2014/05/21 10.57.27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xx\Dati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\extensions\staged
[2014/04/07 11.18.58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xx\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi(2).default\extensions
[2014/02/22 20.17.33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\xx\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi(2).default\extensions\ascsurfingprotection@iobit.com
[2014/05/21 10.57.28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xx\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi(2).default\extensions\staged
[2014/07/25 11.30.53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xx\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi.default\extensions
[2014/07/25 11.30.52 | 000,967,685 | ---- | M] () (No name found) -- C:\Documents and Settings\xx\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/22 20.07.26 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\searchplugins\yahoo_ff.xml
[2014/07/25 11.42.53 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2014/07/25 11.43.15 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/25 11.42.53 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\distribution\extensions
[2014/07/25 11.42.53 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programmi\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
O1 HOSTS File: ([2013/05/26 10.31.41 | 000,448,583 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15405 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No CLSID value found.
O3 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004..\Run: [Adobe Reader Synchronizer] C:\Programmi\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Block This Image (ABP) - Reg Error: Value error. File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..Trusted Domains: localhost ([]http in Intranet locale)
O15 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..Trusted Ranges: GD ([http] in Intranet locale)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5F56618-8703-499C-9488-908C3F249C8D}: DhcpNameServer = 62.101.93.101 83.103.25.250
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Defazio\Dati applicazioni\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Defazio\Dati applicazioni\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/05 09.13.00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ========== [2014/07/27 16.16.17 | 000,000,000 | ---D | C] -- C:\Concordia 27-7-2014 dopo attracco
[2014/07/27 16.01.32 | 000,000,000 | ---D | C] -- C:\Concordia 27-7-2014 Attracco ore 16
[2014/07/27 10.11.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Defazio\Documenti\Nuova cartella
[2014/07/27 09.59.04 | 000,000,000 | ---D | C] -- C:\Concordia 27-7-14 ore 9.59
[2014/07/25 21.47.45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Defazio\Recent
[2014/07/25 11.42.53 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2014/07/19 16.57.46 | 000,286,720 | ---- | C] (Sonix) -- C:\WINDOWS\System32\vsnp2uvc.dll
[2014/07/19 16.57.46 | 000,094,208 | ---- | C] (sonix) -- C:\WINDOWS\PLFSetL.exe
[2014/07/19 16.57.42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SUYIN NB Cam
[2014/07/19 16.57.42 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\SNP2UVC
[2014/07/19 16.56.26 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2014/07/19 16.54.44 | 000,027,904 | ---- | C] (REDC) -- C:\WINDOWS\System32\drivers\risdptsk.sys
[2014/07/19 16.49.10 | 001,123,328 | ---- | C] (Broadcom Corp.) -- C:\WINDOWS\System32\bcmwl5.sys
[2014/07/19 16.49.10 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devIA64.exe
[2014/07/19 16.49.10 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devcon.exe
[2014/07/19 16.49.09 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devAMD64.exe
[2014/07/19 16.49.09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Options
[2014/07/19 16.47.05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Broadcom
[2014/07/19 12.12.45 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2014/07/19 12.12.42 | 000,086,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoInstIIXP.dll
[2014/07/19 12.12.42 | 000,011,368 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RtkCoLDRXP.dll
[2014/07/19 12.12.41 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2014/07/19 12.12.39 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2014/07/19 12.12.36 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2014/07/19 12.06.50 | 000,000,000 | ---D | C] -- C:\Programmi\SuYin
[2014/07/19 12.06.49 | 000,550,912 | ---- | C] (SuYin) -- C:\WINDOWS\Acer Crystal Eye webcam.EXE
[2014/07/19 12.06.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Acer Crystal Eye
[2014/07/18 21.23.39 | 002,685,280 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll
[2014/07/18 21.23.39 | 002,600,960 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ig4dev32.dll
[2014/07/18 21.23.39 | 000,645,632 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe
[2014/07/18 21.23.39 | 000,304,640 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc
[2014/07/18 21.23.39 | 000,303,104 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc
[2014/07/18 21.23.39 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc
[2014/07/18 21.23.39 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc
[2014/07/18 21.23.39 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc
[2014/07/18 21.23.39 | 000,279,040 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc
[2014/07/18 21.23.39 | 000,262,656 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc
[2014/07/18 21.23.39 | 000,252,416 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc
[2014/07/18 21.23.39 | 000,249,856 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc
[2014/07/18 21.23.39 | 000,206,848 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc
[2014/07/18 21.23.39 | 000,205,312 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc
[2014/07/18 21.23.39 | 000,093,696 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll
[2014/07/18 21.23.39 | 000,057,344 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll
[2014/07/18 21.23.39 | 000,051,712 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll
[2014/07/18 21.23.39 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll
[2014/07/18 21.23.38 | 005,702,656 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll
[2014/07/18 21.23.38 | 004,112,384 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ig4icd32.dll
[2014/07/18 21.23.38 | 003,773,952 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll
[2014/07/18 21.23.38 | 000,310,784 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc
[2014/07/18 21.23.38 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc
[2014/07/18 21.23.38 | 000,303,104 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc
[2014/07/18 21.23.38 | 000,299,008 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc
[2014/07/18 21.23.38 | 000,294,912 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc
[2014/07/18 21.23.38 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc
[2014/07/18 21.23.38 | 000,289,280 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc
[2014/07/18 21.23.38 | 000,288,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc
[2014/07/18 21.23.38 | 000,287,744 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc
[2014/07/18 21.23.38 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsky.lrc
[2014/07/18 21.23.38 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc
[2014/07/18 21.23.38 | 000,279,552 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc
[2014/07/18 21.23.38 | 000,277,504 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrslv.lrc
[2014/07/18 21.23.38 | 000,275,968 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc
[2014/07/18 21.23.38 | 000,199,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll
[2014/07/18 21.23.38 | 000,185,856 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll
[2014/07/18 21.23.38 | 000,179,712 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc
[2014/07/18 21.23.38 | 000,178,176 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc
[2014/07/18 21.23.38 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5218.dll
[2014/07/18 21.23.38 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll
[2014/07/18 21.23.38 | 000,119,296 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl
[2014/07/18 21.23.34 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpun.exe
[2014/07/18 19.22.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\SlimWare Utilities Inc
[2014/07/18 19.21.47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenti\Downloaded Installers
[2014/07/18 16.05.27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\Help
[2014/07/17 18.51.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Auslogics
[2014/07/17 18.51.31 | 000,000,000 | ---D | C] -- C:\Programmi\Auslogics
[2014/07/16 11.28.49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/07/08 10.03.03 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
[2014/07/08 09.59.04 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/03 10.26.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\Adobe
[2014/07/01 18.57.40 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Thunderbird
[2014/06/24 16.49.44 | 000,000,000 | R--D | C] -- C:\Immagini
[2014/06/19 18.28.53 | 000,042,272 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Dati applicazioni\*.tmp files -> C:\Documents and Settings\All Users\Dati applicazioni\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 60 Days ========== [2014/07/27 18.42.00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5B2BBFCB-D88F-41A9-9DE4-3F8269B043D0}.job
[2014/07/27 18.24.01 | 000,000,356 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/07/27 18.19.14 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/07/27 18.18.59 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/27 18.18.59 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
[2014/07/27 18.18.44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/27 18.02.05 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/27 17.57.25 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/07/27 17.55.01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/27 17.22.25 | 000,001,942 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2014/07/27 16.18.46 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/07/26 18.58.55 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\lela.crpe 251520pe.URL
[2014/07/26 12.35.28 | 000,018,464 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\note importanti.odt
[2014/07/25 23.33.28 | 000,638,086 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2014/07/25 23.33.28 | 000,585,616 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/07/25 23.33.28 | 000,125,686 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2014/07/25 23.33.28 | 000,106,572 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/07/24 14.42.09 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/07/20 12.35.55 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Collegamento a adwcleaner_3.216.lnk
[2014/07/18 16.11.29 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Eusing Free Registry Cleaner.lnk
[2014/07/17 18.51.34 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Auslogics Disk Defrag.lnk
[2014/07/17 17.39.21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/07/15 14.41.25 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Internet Explorer.lnk
[2014/07/15 14.41.18 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/07/09 12.55.46 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/07/09 12.55.46 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/07/08 09.59.22 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/07/08 09.59.19 | 000,414,520 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/07/08 09.59.05 | 000,779,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/07/08 09.59.05 | 000,192,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/07/08 09.59.05 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/07/08 09.59.05 | 000,057,800 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/07/08 09.59.05 | 000,055,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
[2014/07/08 09.59.05 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/07/08 09.59.05 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/07/08 09.59.04 | 000,276,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/07/08 09.59.04 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/07 15.53.48 | 000,000,181 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Valore SPREAD BTP Italia 10 anni - Bund di oggi aggiornato in tempo reale.URL
[2014/06/29 14.54.49 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Thunderbird.lnk
[2014/06/28 14.28.11 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Outlook.lnk
[2014/06/20 23.43.55 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/06/08 16.46.47 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Carispezia.url
[2014/06/08 15.00.00 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
[2014/06/03 16.53.34 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Dati applicazioni\*.tmp files -> C:\Documents and Settings\All Users\Dati applicazioni\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/07/20 12.35.55 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Collegamento a adwcleaner_3.216.lnk
[2014/07/19 16.57.46 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2014/07/19 16.57.46 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2014/07/19 16.57.46 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2014/07/19 16.57.43 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2014/07/19 16.49.11 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4315_Update32C.BAT
[2014/07/19 16.49.11 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4315_Remove32D.BAT
[2014/07/19 16.49.10 | 000,618,706 | ---- | C] () -- C:\WINDOWS\System32\bcmwl5.inf
[2014/07/19 16.49.10 | 000,013,277 | ---- | C] () -- C:\WINDOWS\System32\bcm43xx.cat
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4328_Update32D.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4328_Update32C.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4318_0312_Update32D.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4318_0312_Update32C.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4318_0311_Update32D.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4318_0311_Update32C.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4315_Update32D.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4311_Update32D.BAT
[2014/07/19 16.49.10 | 000,000,088 | ---- | C] () -- C:\WINDOWS\System32\4311_Update32C.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4328_Remove32D.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4328_Remove32C.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4318_0312_Remove32D.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4318_0312_Remove32C.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4318_0311_Remove32D.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4318_0311_Remove32C.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4315_Remove32C.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4311_Remove32D.BAT
[2014/07/19 16.49.10 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\4311_Remove32C.BAT
[2014/07/19 16.49.09 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\Desktop_.ini
[2014/07/19 12.12.40 | 000,026,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2014/07/19 12.06.49 | 000,626,688 | ---- | C] () -- C:\WINDOWS\Image.dll
[2014/07/19 12.06.49 | 000,200,704 | ---- | C] () -- C:\WINDOWS\PLFSetI.exe
[2014/07/19 12.06.49 | 000,004,838 | ---- | C] () -- C:\WINDOWS\Suyin.reg
[2014/07/19 12.06.49 | 000,000,245 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2014/07/18 21.23.39 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2014/07/18 21.23.39 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2014/07/18 21.23.38 | 001,498,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2014/07/18 21.23.38 | 000,058,558 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2014/07/18 21.23.38 | 000,029,820 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2014/07/18 16.11.29 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Eusing Free Registry Cleaner.lnk
[2014/07/17 18.51.34 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Auslogics Disk Defrag.lnk
[2014/07/17 17.39.21 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/06/29 14.54.49 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Thunderbird.lnk
[2014/06/29 14.54.49 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Thunderbird.lnk
[2014/06/28 14.28.11 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Outlook.lnk
[2014/06/08 16.46.47 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Carispezia.url
[2014/04/24 16.37.38 | 000,192,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/24 16.37.38 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/04/24 16.37.38 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2013/12/28 12.06.05 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dati applicazioni\WBPU-TTL.DAT
[2013/12/28 12.06.04 | 000,000,110 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dati applicazioni\WB.CFG
[2013/05/15 12.26.44 | 000,085,373 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/01/08 14.15.31 | 000,007,943 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/08/02 14.49.38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/04/05 16.02.52 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ========== [2011/04/15 17.33.12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/03/22 11.53.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\16F
[2011/04/05 11.15.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software
[2013/04/26 18.20.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AnySend
[2014/01/28 14.52.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AppsWatcher
[2014/04/24 16.35.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2014/04/09 00.13.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2011/04/06 19.02.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9
[2014/07/19 16.47.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Broadcom
[2011/04/06 19.06.52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/02/22 20.11.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IObit
[2014/04/09 00.13.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2014/02/22 20.08.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ProductData
[2013/12/26 15.36.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2012/01/22 19.49.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZip
[2012/01/21 13.33.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZipEC
[2014/02/22 20.08.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2012/01/29 21.50.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/10/13 10.36.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dati applicazioni\TuneUp Software
[2012/12/16 20.18.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Adblock Pro
[2013/04/26 18.19.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AnySend
[2011/09/21 15.34.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Auslogics
[2014/04/24 16.38.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVAST Software
[2011/04/06 19.07.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG10
[2011/11/25 18.52.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG2012
[2012/10/04 19.25.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG2013
[2014/04/06 21.01.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG2014
[2013/11/18 21.35.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Dropbox
[2012/08/24 20.22.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\EmoticoonsToolbar
[2014/02/13 20.22.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Eusing
[2014/02/22 20.17.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\IObit
[2013/10/14 18.45.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\OpenOffice
[2011/04/05 19.26.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\OpenOffice.org
[2012/07/30 00.19.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Oracle
[2013/02/26 17.36.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Spotflux
[2013/10/12 14.05.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\SumatraPDF
[2012/12/22 21.49.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Thunderbird
[2012/10/04 19.23.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\TuneUp Software
[2011/06/05 18.44.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\uTorrent
[2012/11/14 11.32.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Dati applicazioni\AVG Secure Search
[2012/11/14 11.32.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Dati applicazioni\AVG2013
[2012/11/14 11.32.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Dati applicazioni\TuneUp Software
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:AD022376
< End of report >
Spero che tu riesca a trovare l'inghippo perche' ho gia troppa voglia di buttare tutto a mare.
Ti ringrazio.
Ciao
